Static task: static1
Behavioral task: behavioral1
Sample: 38faa9b728d9f0c3ba045a929ed3339a_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 38faa9b728d9f0c3ba045a929ed3339a_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 38faa9b728d9f0c3ba045a929ed3339a_JaffaCakes118
Size: 12KB
MD5: 38faa9b728d9f0c3ba045a929ed3339a
SHA1: 7df65ee255b0f4022c71585b83d32fa57ea5a36c
SHA256: cef504b70268d465ea8b95936ae10f923dffdd6fd838668355644cb6957fc246
SHA512: e602fb1c55058e5de45146a90000296446dbfc209f1aa7f3013a88579d5b3c0d479338a1e7ace3553a93ca7cc0af73fc3f3e51af4b141cf18cabc597d9c0fdd9
SSDEEP: 48:CcmF82k6PS4NWTRtClH4Sb9hp6Vruib/crQEPyxIt6bpQPAVBZz3BeQfGg3C:fmF82ZPrWW4Sb9Kb/cH6a9PEH9XO
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 38faa9b728d9f0c3ba045a929ed3339a_JaffaCakes118
Files
38faa9b728d9f0c3ba045a929ed3339a_JaffaCakes118.exe windows:4 windows x86 arch:x86
4237676a49a82094a7ea716c4a3cdd9e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
TranslateMessage
SetWindowLongA
SetTimer
GetMessageA
DispatchMessageA
CreateWindowExA
wsprintfA
kernel32
lstrlenA
CloseHandle
CopyFileA
CreateFileA
DeleteFileA
ExitProcess
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
LoadLibraryA
LocalAlloc
ReadFile
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrcmpA
lstrcatA
wsock32
gethostname
WSAStartup
recv
send
socket
closesocket
connect
advapi32
RegSetValueExA
RegCreateKeyA
RegCloseKey
shell32
ShellExecuteA
ole32
CoTaskMemFree
CoInitialize
wininet
FindFirstUrlCacheEntryA
FindCloseUrlCache
DeleteUrlCacheEntryA
FindNextUrlCacheEntryA
Sections
Un-FSG ! Size: 144KB - Virtual size: 144KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE